Date: Thu, 2 Aug 2001 14:41:21 +0200 From: Bart Matthaei <bart@xs4nobody.nl> To: Brian Somers <brian@Awfulhak.org> Cc: freebsd-security@freebsd.org Subject: Re: RELEASE 4.3 -> RELENG_4_3: SUCCESSFULLY but ... Message-ID: <20010802144121.A11210@heresy.xs4nobody.nl> In-Reply-To: <200108020005.f7205A811423@hak.lan.Awfulhak.org>; from brian@Awfulhak.org on Thu, Aug 02, 2001 at 01:05:10AM %2B0100 References: <bart@xs4nobody.nl> <200108020005.f7205A811423@hak.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I didn't say that securelevels have any use. There are lots of ways you can get around it. with regards, Bart Matthaei On Thu, Aug 02, 2001 at 01:05:10AM +0100, Brian Somers wrote: > > On Wed, Aug 01, 2001 at 10:01:41PM +0100, Nuno Teixeira wrote: > > <snip> > > > My question is: what is the real danger of doing `installworld` in > > > multiuser mode? I have doing a lot of tests in other machines tracking > > > STABLE and I have no problems so far. > > > > They advice you to run singleuser, because of the securelevel. > > If your securlevel is set to 3, for instance, you (no, not even root) wont be > > able to overwrite files that have the schg flags set (system immutable > > flag).. So things like rcp (which is schg by default) wont be installed > > properly. > > $ ls -lo /bin/* /usr/bin/* /sbin/* /usr/sbin/* /usr/libexec/* | fgrep -w schg > -r-sr-xr-x 1 root wheel schg 348908 Aug 1 07:58 /bin/rcp > -r-x------ 1 root wheel schg 382188 Aug 1 08:10 /sbin/init > -r-sr-xr-x 6 root wheel schg 32612 Aug 1 08:15 /usr/bin/chfn > -r-sr-xr-x 6 root wheel schg 32612 Aug 1 08:15 /usr/bin/chpass > -r-sr-xr-x 6 root wheel schg 32612 Aug 1 08:15 /usr/bin/chsh > -r-sr-xr-x 1 root wheel schg 24936 Jul 26 11:23 /usr/bin/crontab > -r-sr-xr-x 1 root wheel schg 21668 Aug 1 08:15 /usr/bin/login > -r-sr-xr-x 1 man wheel schg 29040 Jul 16 09:07 /usr/bin/man > -r-sr-xr-x 1 root wheel schg 4064 Jul 16 09:15 /usr/bin/opieinfo > -r-sr-xr-x 1 root wheel schg 10692 Jul 16 09:15 /usr/bin/opiepasswd > -r-sr-xr-x 2 root wheel schg 26900 Aug 1 08:16 /usr/bin/passwd > -r-sr-xr-x 1 root wheel schg 10296 Jul 16 09:15 /usr/bin/rlogin > -r-sr-xr-x 1 root wheel schg 7660 Aug 1 08:16 /usr/bin/rsh > -r-sr-xr-x 1 root wheel schg 10456 Aug 1 08:16 /usr/bin/su > -r-sr-xr-x 6 root wheel schg 32612 Aug 1 08:15 /usr/bin/ypchfn > -r-sr-xr-x 6 root wheel schg 32612 Aug 1 08:15 /usr/bin/ypchpass > -r-sr-xr-x 6 root wheel schg 32612 Aug 1 08:15 /usr/bin/ypchsh > -r-sr-xr-x 2 root wheel schg 26900 Aug 1 08:16 /usr/bin/yppasswd > -r-xr-xr-x 1 root wheel schg 85120 Aug 1 08:09 /usr/libexec/ld-elf.so.1 > -r-sr-x--- 1 root network schg 11256 Jul 16 09:17 /usr/sbin/sliplogin > > This just blows my mind. Not only because I can't see (for example) why > rsh has schg and rshd does not, but also because > > $ ls -lod / /bin /usr/bin /sbin /usr /usr/sbin /usr/libexec > drwxr-xr-x 21 root wheel - 512 Aug 1 14:07 / > drwxr-xr-x 2 root wheel - 1024 Aug 1 08:14 /bin > drwxr-xr-x 2 root wheel - 2048 Aug 1 08:11 /sbin > drwxr-xr-x 26 root wheel - 512 Aug 1 07:54 /usr > drwxr-xr-x 2 root wheel - 8192 Aug 1 08:21 /usr/bin > drwxr-xr-x 8 root wheel - 1536 Aug 1 08:21 /usr/libexec > drwxr-xr-x 2 root wheel - 4608 Aug 1 08:21 /usr/sbin > > makes the whole thing a joke. Even at a high secure level, to > replace /sbin/init for example, you can > > # cd / > # cp -rp sbin sbin.new > # mv sbin sbin.old > # mv sbin.new sbin > > If programs are going to be chflags'd at install time, then their > parent directories should at least have sappnd on them -- or even > more appropriately, schg so that nothing can be planted in root's > path. > > Of course the problem with doing that is it makes the installworld > rather difficult, even with securelevel == -1. > > > Also, singleuser makes sure processes like sshd are shut down. > > I can't see why that would make a difference (assuming a reboot is > done after the installworld). > > > (this is my theory.. correct me if im wrong) > > > > With regards, > > > > Bart Matthaei > > -- > Brian <brian@freebsd-services.com> <brian@Awfulhak.org> > http://www.freebsd-services.com/ <brian@[uk.]FreeBSD.org> > Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Bart Matthaei | bart@xs4nobody.nl | +31 6 24907042 Cysonet Managed Hosting | bart@cysonet.com ------------------------------------------------- /* It's always funny until someone gets hurt.. * (and then it's just hilarious) */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010802144121.A11210>